Sun Java System Federation Manager 7.0 User's Guide

Setting Up Your LDAPv3–Compliant Directory

The following sections contain procedures for setting up the supported LDAPv3–compliant directories.


Note –

Although Federation Manager has only been tested on supported LDAPv3–compliant directories, it should work with any LDAPv3-compliant directory server.


This section contains the following procedures:

Procedure: To Set Up Sun Java System Directory Server as a Configuration Data Store

To change the Federation Manager data store for configuration data to Sun Java System Directory Server, follow the procedure below.

  1. Install Directory Server based on the instructions in the Sun Java Enterprise System 2005Q4 Installation Guide for UNIX.

  2. Install Federation Manager based on the instructions in Chapter 2, Installing and Deploying Federation Manager.

  3. Configure Federation Manager to communicate with Directory Server based on the instructions in Modifying Federation Manager Configuration Data to Recognize an LDAPv3–compliant Directory.

  4. Build the new LDAP-based configuration data from the flat file data, and load the data and accompanying schema into Directory Server based on the instructions in Building and Loading LDIF Configuration Data Using fmff2ds.

Procedure: To Set Up Microsoft Active Directory as a Configuration Data Store

In order to change the Federation Manager data store for configuration data to Microsoft Active Directory, you must set up the directory and load the Federation Manager LDIF schema. The procedure is described in To Set Up Microsoft Active Directory as a Configuration Data Store.


Note –

When the Active Directory installation wizard asks you to type a new domain, you may type a non-existent domain, such as xyz.com. In this example, the root suffix will be dc=xyz,dc=com.


  1. Install Microsoft Active Directory on either a Microsoft Windows 2000 Advanced Server or a Microsoft Windows 2003 Advanced Server.

    The procedures for these installations can be found in your Active Directory documentation or on the Microsoft web site.

  2. Install the Active Directory Schema Snap-in.

    Instructions for installing the Active Directory Schema Snap-in can also be found on the Microsoft web site.

  3. Open the Microsoft Management Console (MMC).

    Using this console you can load the LDIF schema into Active Directory.

  4. Point your cursor to Active Directory Schema and hold the right mouse button down.

  5. Select Operations Master... from the drop-down menu.

  6. Check The Schema may be modified on this Domain Controller in the "Change Schema Master" window and click OK.

    This enables schema modification. The administrator DN is cn=administrator,cn=users,ROOT-SUFFIX.

  7. Install and configure Federation Manager according to the information in Modifying Federation Manager Configuration Data to Recognize an LDAPv3–compliant Directory.